Run your own VPN

First, go to www.ramnode.com, sign up for an OpenVZ SSD VPS in Seattle. They will email you login details as soon as you've paid. Pick Ubuntu 12.04 as OS. Enter whatever you want as the hostname (it'll be the name of the server - not its address).

Lines starting with "#" are an indication that you are entering commands as root (admin), unless otherwise stated.

Where you see "123.456.78.90" in the instructions below, replace it with the IP address of your own server.

Login to the SolusVM CP, shutdown the VPS. At the bottom of the page you have a few tabs of options:

enable TUN/TAP

enable PPP

change the root password

Restart the VPS.

Connect to the VPS with your SSH client (Terminal on Mac, putty on windows).

ssh root@123.456.78.90

Run the following commands - it removes the rubbish installed by default, installs the VPN stuff needed, and upgrades everything to the latest version:

Create a VPN connection on your device, use the server IP address from the SolusVM CP, and the username and password you just created.

Try to connect; every time I've done the above the first connection attempt has always failed, but then starts working, so don't panic if it doesn't work first time. If it keeps failing, you've done something wrong.

Finally, setup the routing. SSH into your server.

# cd /usr/local/bin/

# vi vmfw

(NOTE: This is the entire contents of the file, the # lines are comments, not commands)

You're good to go. Hopefully you haven't locked yourself out of the server with the iptables rules above.

Notes:

you don't have to use RamNode; any provider that allows TUN/TAP + PPP on OpenVZ should work without drama. google "low end box" for cheapo providers (you'll get what you pay for).

the same instructions on Debian don't work, stick to Ubuntu. 12.10, 12.04, no matter.

to add users, edit the "/etc/ppp/chap-secrets" file, just add entries to it. the passwords are in plain text, so be sensible. you can use www.pctools.com to generate random passwords.

it would be a good idea to install fail2ban, to change the SSH port to a different one, and to add a non-root user, so you can disable remote root login. google for that stuff, or ask someone for help.

you can point a domain to your server IP address; an A record is enough, anywhere that sells or hosts domains will get you sorted out, or you can use DynDNS.

if it all goes wrong, just reinstall Ubuntu 12.04 from the SolusVM CP.

poor performance could be due to the mru/mtu settings. 1440 for both gave me the best results. adjust the values by +/-20 increments in all 3 places to suit - once again, google is your friend for this.